0

I followed this tutorial in order to add my own signed kernel module in my Ubuntu VM (18.04 LTS). It is hosted on Google Cloud Platform. I would like to add a certificate in the UEFI shim/Mokmanager, but when I restart the server in order to finalize the installation of the certificate, I can't access to the Mokmanager... Nothing happens by pressing on any key of the keyboard (see screenshot).

Is there an other way to add this certificate? Due to the fact that I want UEFI secure boot, disabling it is NOT an option.

Serial interface

Antonin M.
  • 205
  • 1
  • 3
  • 8

1 Answers1

2

Using custom certificates with UEFI is not supported by GCP at the moment. Whereas, it is recommended to use Shielded VM instances run firmware which is signed and verified using Google's Certificate Authority ensuring that the instance's firmware is unmodified and establishing the root of trust for Secure Boot. [1] [2] [3] [4]

Naman Parekh
  • 21
  • 3
  • https://cloud.google.com/migrate/compute-engine/docs/4.9/how-to/prepare-vms-servers/migrating-to-uefi-based-vms#limitations – Naman Parekh Mar 27 '20 at 03:14